Re: Theo chiming in on strlcpy

To: tech-pkg%NetBSD.org@localhost
Subject: Re: Theo chiming in on strlcpy
From: David Holland <dholland-pkgtech%netbsd.org@localhost>
Date: Sun, 22 Dec 2013 02:33:00 +0000

On Sun, Dec 22, 2013 at 02:38:30AM +0100, Marc Espie wrote:
 > Okay, so you think some buffer overflows can be not dangerous ?

An overflow that arises if e.g. root puts 5KB of shellcode into
/etc/services is not a security issue, it's just a bug. Fix it and
move on.

 > Thank you, you just made my point much better than I could by myself.

Namely, that people concerned about real security issues shouldn't be
listening to you? :-)

-- 
David A. Holland
dholland%netbsd.org@localhost

References:
- Theo chiming in on strlcpy
  - From: Marc Espie
- Re: Theo chiming in on strlcpy
  - From: Robert Elz
- Re: Theo chiming in on strlcpy
  - From: Marc Espie

Prev by Date: Re: Theo chiming in on strlcpy
Next by Date: daily pkgsrc CVS update output
Previous by Thread: Re: Theo chiming in on strlcpy
Next by Thread: Re: Theo chiming in on strlcpy
Indexes:

Home | Main Index | Thread Index | Old Index